add my 2c, it may not mean anything but what the heck,... pix 501 has session / connection problems with (at least) win9x and mac clients and servers. I had problems with http, ftp and smb. The problems were experienced with inside clients connecting to outside (internet) resources, and it seems like your problem are the other way around, but I'd thought I'd mention it. Maybe a google on 501 problems may help you. I had mine switched out for a 506 for this reason. (longshot, but what the heck), good luck. bobb ----- Original Message ----- From: "Robert Jean" <robertjean2@yahoo.com> To: <zope@zope.org> Sent: Sunday, February 22, 2004 1:05 PM Subject: [Zope] FTP and firewall
Hello,
For users on the internal network, the Zope 2.6 FTP server works fine. However, we wish to expand the application to distributed clients over the internet. The hardware used is a CISCO PIX 501 firewall. The current settings are as follows:
access-list outside-in permit tcp any host <WAN IP ADDRESS> eq 8021 static (inside,outside) <WAN IP ADDRESS> xxx.xxx.x.xxx netmask 255.255.255.255 0 0
The problem is, I suspect as per the FTP protocol, the client decides the local socket of the data channel (not very good for firewall support). However, I have been successful with other standard FTP servers using similar treatment. Is there a resolution to this issue?
Thank you, Robert
__________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )